REMOTELY OBTAINING TEMPORARY EXCLUSIVE 
CONTROL OF A DEVICE 

BACKGROUND OF THE INVENTION 

Field Of The Invention 

The present invention concerns remotely obtaining temporary 
exclusive control of devices. More particularly, the present invention relates 
to remotely obtaining exclusive control of a device via a network by 
determining whether the device is available for a user, requesting remote 
exclusive control, to obtain exclusive control, and either providing the user 
with remote exclusive control or adding the user to a reservation queue of 
users requesting exclusive control of the device. 

Description Of The Related Art 

When printing print jobs to a printer, once the print jobs are 
printed out, a recipient must go to the printer in order to retrieve the hardcopy 
printout. Often, upon arriving at the printer to retrieve his printout, the 
recipient discovers that his hardcopy printout is not there. This may be 



because the recipient's print job is still pending in the print queue behind other 
print jobs, or because the print job may have been accidentally or intentionally 
taken by someone else. A similar problem arises with regard to facsimile 
transmissions. To address this problem, systems have been contemplated that 
defer printing a print job or a facsimile transmission until the recipient is 
present at the printer/facsimile. 

One method of deferring printing of a facsimile transmission is 
known with regard to a Canon Laser Class 7000/7500 facsimile machine. This 
facsimile machine defers printing a transmission received by the facsimile 
machine by storing the transmission in a confidential electronic mailbox. The 
data is held in the mailbox until a person having the proper mailbox code 
arrives at the facsimile machine and enters the proper code to retrieve the data 
from the mailbox. Once the proper mailbox code has been entered, the 
transmission is printed by the facsimile machine. 

One method of deferring printing in printers is to require 
recipient authentication in order for the print job to be printed. Co-pending 
U.S. Patent Application No. 09/41 1,665 entitled "Authenticated Secure 
Printing", filed October 4, 1999, the contents of which are hereby incorporated 
by reference into the subject application as if set forth herein in full, describes 
a method of requiring recipient authentication in order to print secure 
documents. Briefly, the application describes a method where a user provides 
unique identification information that is submitted with a print job to a print 
node. Upon receiving the print job and unique identification information, the 
print node encrypts the print job and stores it in a secure manner, hi order to 
retrieve the secure print job from the printer, a person having the proper 
authentication information provides this information to the printer, whereby 
the printer processes and prints out the print job. 

Another method of deferring printing of a document until 
receiving recipient authentication has been described in U.S. Patent No. 
5,633,932 to Davis et al. According to the patent, a print job and a header are 
sent to a print node in encrypted format. If the document is considered to be 



"sensitive", then an indication that the document is sensitive is placed in an 
electronic header identifying the document as sensitive. Upon receiving the 
encrypted document and header, the print node decrypts the header to 
determine if the document is sensitive; if so, the document is stored until the 
5 print node receives authentication from the recipient. Thereafter, the 

"sensitive" document is printed. 

The foregoing methods provide a way to defer printing until 
receiving authentication of the recipient. However, none of these methods 
addresses the further control of printing operations after the recipient has been 

10 authenticated. More particularly, in each of the foregoing methods, after the 

recipient has been authenticated, all print jobs pending in the print queue 
before the recipient's print job continue to print in the order they were 
received by the queue. Accordingly, the recipient has to wait until other print 
jobs pending before his are printed before his print job is printed. Moreover, 

15 the authenticated recipient is not able to select a print job to print from among 

those pending in the queue. Additionally, if the recipient submits a print job 
after he has been authenticated, he may have to be authenticated again in order 
for the newly submitted print jobs to print. Further, the recipient is only able 
to print print jobs that have been received by the queue and is not able to 

20 manually access a remote storage location and download a print job to print. 

Additional concerns arise with regard to accurate accounting of 
resources used in printing operations, such as the amount and type of paper 
used and the amount of ink used, hi more detail, accurate accounting of 
resources may be desired in order to bill a particular department within an 

25 office or a particular person using the resources. Accounting is most 

commonly accomplished by software in a print server that tracks print jobs 
based on who submitted the print job. However, this accounting method does 
not accurately reflect the actual recipient who is using the resources, but only 
identifies the sender or sending department. This becomes particularly 

30 apparent where one department such as an accounting department, requests 

that another department such as an engineering department, send it a copy of a 



document. In this case, the sender (engineering) would be billed for resources 
whereas the recipient (accounting) is actually using the resources. As a result, 
the sender is billed for resources that they are not using. 

Further concerns may arise where a user is out of the office and 
5 therefore is not physically at the printer in order to be able to obtain control of 

the printer and to have his print job printed out. For instance, the user may be 
late arriving to the office and may not have had the opportunity to print out his 
print job for distribution at a meeting. Due to his late arrival at the office, he 
may not have sufficient time to print out his print job in time for the meeting. 

10 In this case, a way for the user to obtain control of a printer and print out his 

print job while he is out of the office so that it is ready for pickup when the 
user arrives at the office would be desirable. 

One way to remotely print a print job by manually altering a 
print job's position within a queue has been described in U.S. Patent 

15 6,184,996 (hereinafter referred to as the '996 patent). According to the '996 

patent, a user can remotely connect to a web server of a printer using a web 
browser. Using the web browser, the user can then request to view the print 
queue of the printer and select a print job to advance within the queue. 
However, the print job can only be advanced within the queue based on its 

20 priority level and can not be advanced within the queue ahead of a print job 

with a higher priority. Moreover, the '996 patent's approach requires manual 
manipulation of the queue. That is, the user must connect to the printer's web 
server and manually select a print job to be advanced. Thus, the '996 patent's 
approach is somewhat labor intensive on the user. A further problem is that, if 

25 the user wants to advance his print job ahead of all others to have it printed out 

immediately, he is not able to do so if any of the print jobs pending in the 
queue before his print job have a higher priority. 

Another problem with the '996 patent's approach is that the 
user does not have actual control over the queue itself, and as a result, once the 

30 user advances a print job in the queue, a different user could also connect to 

the printer's web server and advance their print job ahead of the first user's 



print job. Therefore, although the first user may have advanced a print job in 
the queue, he may lose the advanced position within the queue to another user 
since he does not have control over the queue and has no way of preventing 
another user from accessing the queue. Accordingly, what is needed is a way 
5 for a user to gain control over a device's capabilities that denies other user's 

access to the device and to be able to have their print job(s) advanced in the 
queue and printed out without requiring manual manipulation of the queue. 

Additional concerns regarding exclusive control of a device 
arise where a user attempts to gain remote control of the device, but is denied 

10 control because the device may be busy, is already controlled by another 

person, or may be temporarily out of order. In this case, the user's request for 
control may be continually denied and the user would have to repeatedly 
attempt to gain control. Therefore, the user can only obtain control if they 
request control of the device at a time when the device is available. 

15 Accordingly, what is needed is a way for a user to be able to obtain control of 

a device's capabilities without having to repeatedly request control. 

SUMMARY OF THE INVENTION 
The present invention addresses the foregoing by providing a 
20 system in which a user remotely obtains exclusive control of a device. 

According to the invention, a user establishes communication with the device 
and requests to obtain control over the devices capabilities. The user is 
provided with remote exclusive control of the device if the device is available 
and/or if the user is authorized to obtain control. On the other hand, if the 
25 device is not available, the user is added to a reservation queue of users 

requesting remote control of the device. 

As a result, a user can remotely obtain control over a device, 
such as a printer for example, and can submit and print out print jobs at the 
printer ahead of other print jobs. Thus, if the user is late for a meeting, he/she 
30 can have their print job ready and waiting for them when they arrive at the 

office. 



Moreover, the user does not have to be physically present at the 
device in order to obtain exclusive control, but can obtain exclusive control of 
the device remotely. Additionally, if the device is not available for the user to 
obtain remote exclusive control, the user is added to a reservation queue of 
users whereby he is provided with remote exclusive control at a later time, 
without having to make another attempt to gain remote exclusive control. 

Thus, in one aspect of the invention, a user remotely obtains 
exclusive control of a device by remotely establishing communication with the 
device over the network and requesting to obtain remote exclusive control of 
the device's capabilities. A determination is made whether the device is 
available for the user to obtain remote exclusive control of the device's 
capabilities and, in a case where it is determined that the device is available for 
the user to obtain remote exclusive control of the device's capabilities, 
providing the user remote exclusive control of the device's capabilities. 
However, in a case where it is determined that the device is not available for 
the user to obtain remote exclusive control of the device's capabilities, the 
user is added to a reservation queue of users requesting exclusive control of 
the device. 

In determining whether the device is available for a user to 
obtain remote exclusive control, a determination may be made whether the 
device is under exclusive control of another user, or a determination may be 
made whether the user is authorized to obtain remote exclusive control of the 
device. Where the device is under exclusive control of another user, a 
determination may be made whether the user requesting remote exclusive 
control of the device has a higher priority than the other user and, if the 
requesting user does have a higher priority than the other user, exclusive 
control of the device may be temporarily yielded to the requesting user, 
thereby providing the requesting user with remote exclusive control of the 
device. 

In a case where the user is added to the reservation queue of 
users requesting exclusive control of the device, the user may be added at a 



position within the reservation queue based on a priority of the user. The user 
advances in the reservation queue as other users are removed from the 
reservation queue, and when the user reaches a first position within the 
reservation queue, the user may be provided with remote exclusive control of 
the device and notified of such. Alternatively, the user may be notified that 
remote exclusive control of the device can be obtained and then the device 
waits a predetermined time for the user to confirm that remote exclusive 
control is to be provided. After the predetermined time has elapsed, the user 
may be removed from the reservation queue and notified of such, or 
alternatively, the user may be moved to a new position within the reservation 
queue and notified of the new position. The new position may be a last 
position within the reservation queue, or may be based on the user's priority as 
compared with other user's in the reservation queue. 

In a further aspect, where the user is provided with remote 
exclusive control of the device, identification information of the user may be 
obtained and, based on the obtained identification information, print jobs 
within a print queue may be automatically manipulated so as to print out print 
jobs pending in the print queue for the user during a period in which the user 
maintains remote exclusive control of the device, while temporarily deferring 
other print jobs pending in the print queue. As a result, when a user requests 
remote exclusive control of the device, the user's identity is obtained and print 
jobs pending in the queue that correspond with the user's identity are 
automatically advanced in the queue and printed out ahead of other print jobs. 
Therefore, the user does not have to manually manipulate the queue in order to 
advance his print jobs and have them printed out, but rather, the process is 
performed automatically by merely utilizing the identification information of 
the user. Accordingly, a less labor intensive print queue management process 
is provided for. 

This brief summary has been provided so that the nature of the 
invention may be understood quickly. A more complete understanding of the 



invention can be obtained by reference to the following detailed description of 
the preferred embodiments thereof in connection with the attached drawings. 



BRIEF DESCRIPTION OF THE DRAWINGS 
5 Figure 1 is a representative view of a networked computing 

environment in which the present invention may be implemented. 

Figure 2 is a detailed block diagram showing the internal 
architecture of the computer of Figure 1. 

Figure 3 is a detailed block diagram of the internal architecture 
10 of the printer of Figure 1 . 

Figure 4 is a detailed block diagram of the internal architecture 
of the server of Figure 1. 

Figure 5 depicts one system arrangement in which the invention 
may be employed. 

15 Figures 6A is a flowchart depicting process steps for submitting 

a print job for printing. 

Figure 6B is a flowchart depicting process steps for a print 
queue insertion thread. 

Figures 6C is a flowchart depicting process steps for obtaining 
20 control of a printing device after authentication is successfully completed. 

Figure 6D is a flowchart depicting process steps for processing 
of a print job for printing after exclusive control is obtained. 

Figure 6E is a flowchart depicting process steps for a print 
queue extraction thread. 
25 Figure 6F is a flowchart depicting process steps for obtaining 

control of a printing device before authentication is successfully completed. 

Figure 7 depicts an arrangement of print jobs in a print queue 
for a first example. 

Figure 8 depicts an arrangement of print jobs in a print queue 
30 for a second example. 
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Figure 9 depicts an arrangement of print jobs in a print queue 
for a third example. 

Figures 10 through 12 depict arrangements of print jobs in a 
print queue for a fourth example. 
5 Figure 13 depicts an alternate system arrangement in which the 

invention may be employed. 

Figure 14 depicts an alternate system arrangement in which the 
invention may be employed. 

Figure 15 depicts a facsimile system arrangement in which the 
1 0 invention may be employed. 

Figures 16 is a flowchart of process steps for obtaining 
exclusive control in the absence of authentication. 

Figure 17A depicts a printer having a display and keypad that 
may be used in practicing the invention. 
15 Figures 17B through 17D depict the display of Figure 17A 

providing various printing options to the recipient. 

Figure 1 8 depicts an example of a network in which remote 
exclusive control according to the invention may be employed. 

Figures 19A to 19C are flowcharts depicting process steps for 
20 performing remote exclusive control of a device according to the invention. 

Figures 20 and 21 depict examples of a reservation queue of 
users requesting to obtain exclusive control of a device. 

Figures 22A to 22D are flowcharts of process steps for 
remotely obtaining exclusive control of a device from another user already 
25 having exclusive control of the device. 

Figures 23 A to 23D depict examples of a reservation queue for 
a case were a priority user obtains exclusive control from another user having 
exclusive control of a device. 



30 
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DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 
Figure 1 provides an overall system view of a networked 
computing environment in which the present invention may be implemented. 
Although the following description focuses primarily on the networked 
computing environment shown in Figure 1 , the present invention may be 
implemented in various alternative systems. For example, the present 
invention may be implemented in any arrangement including those shown in 
Figures 5 and 13 to 15. 

As shown in Figure 1, the networked computing environment 
comprises a network 100 which is connected to desktop computer 10, laptop 
computer 20, server 40, digital copier 30 and printer 50. Network 100 is 
preferably an Ethernet network medium consisting of a bus-type physical 
architecture, although the invention can be utilized over other types of 
networks, including the Internet or an intranet. 

Desktop computer 10 maybe an IBM PC-compatible computer 
having a windowing environment such as Microsoft Windows 95, Windows 
98 or Windows NT, a Macintosh workstation, a UNTX workstation, a Sun 
Microsystems workstation, or virtually any workstation from which print jobs 
may be submitted for printing. For the purposes of brevity, only an IBM PC- 
compatible workstation will be described herein. As is typical with IBM PC- 
compatible computers, desktop computer 10 preferably has a display, 
keyboard, mouse, floppy drive and/or other type of storage medium (not 
shown). Also attached to desktop computer 10 is smart card interface device 

15 for interfacing with a smart card of a computer user, such as smart card 16. 
Smart card 16 therefore provides a mechanism whereby a computer user can 
authenticate the user's identity to desktop computer 10, printer 50 or digital 
copier 30. Although the use of smart card interface device 15 and smart card 

16 are described herein, other mechanisms such as a hardware token and token 
reader may also be used. 

Similar to desktop computer 1 0, laptop computer 20 also may 
be any type of laptop from which print jobs may be submitted for printing. 
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However, for brevity, only an IBM PC-compatible computer having a 
windowing environment such as Microsoft Windows 95, Windows 98 or 
Windows NT will be discussed herein. Like desktop computer 1 0, laptop 
computer 20 also has a display, keyboard, mouse and floppy drive or other 
storage means (not shown). In addition, laptop computer 20 also has a smart 
card interface device 25 attached to it for interfacing to the smart card of a 
computer user such as smart card 26. 

Also attached to network 100 are digital copier 30 and printer 
50 which are capable of receiving image data over network 100 for printing. 
Digital copier 30 also has attached smart card interface device 35 for 
interfacing with the smart card of a print job recipient, such as smart card 36. 
Printer 50 likewise has smart card interface 55 for interfacing with smart card 
56. 

Additionally, server 40 is connected to network 100. Server 40 
may be any type of computer that functions as a server such as a Compaq 
Prosignia 1600 server. Also, server 40 may utilize any network operating 
system such as Novell Netware, Windows NT, DOS, Windows 95/98 or 
UNIX. The present invention is not limited to any particular server type or 
operating system and may be implemented with any server and operating 
system in which print jobs are printed over a network. Server 40 has a storage 
device 41 which is preferably a large fixed disk for storing numerous 
application document files, print data files or other data files. Additionally, 
server 40 preferably contains a print queue within the fixed disk for storing 
and managing print data processed through server 40, Server 40 can be 
utilized by other devices on network 100 as a file server and may also act as a 
gateway for other devices on network 100 to another network such as the 
Internet. 

Printer 50 may be any type of printing device from which 
images may be printed. For example, printer 50 may be a laser or bubble-jet 
printer which is capable of operating as both a printer and a facsimile device. 
Printer 50 may have a storage device 51 that is preferably a large fixed disk. 
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Storage device 5 1 may be utilized for storing print data received by printer 50. 
However, as will become apparent from the discussion below, a print queue 
and print data storage device is preferably provided in server 40. Printer 50 
also has an embedded smart-chip 57 which performs various functions related 
to encryption/decryption (if necessary) and authentication of a recipient. In 
addition, printer 50 is connected to smart card interface device 55 which is 
capable of interfacing with a smart card of a print job recipient, such as smart 
card 56. In this manner, the printing of a print job that requires authentication 
of the recipient may be controlled through the use of smart card interface 
device 55 and smart card 56, in combination with smart-chip 57 in printer 50. 

Figure 2 is a block diagram showing an overview of the internal 
architecture of desktop computer 10. In Figure 2, desktop computer 10 is seen 
to include central processing unit (CPU) 210 such as a programmable 
microprocessor which is interfaced to computer bus 200. Also coupled to 
computer bus 200 are keyboard interface 220 for interfacing to a keyboard, 
mouse interface 230 for interfacing to a pointing device, floppy disk interface 
240 for interfacing to a floppy disk, display interface 250 for interfacing to a 
display, network interface 260 for interfacing to network 100, and smart card 
interface 265 for interfacing to smart card interface device 15. 

Random access memory (RAM) 270 interfaces to computer bus 
200 to provide CPU 210 with access to memory storage, thereby acting as the 
main run-time memory for CPU 210. hi particular, when executing stored 
program instruction sequences, CPU 210 loads those instruction sequences 
from fixed disk 280 (or other memory media) into RAM 270 and executes 
those stored program instruction sequences out of RAM 270. It should also be 
noted that standard-disk swapping techniques available under windowing 
operating systems allow segments of memory to be swapped to and from 
RAM 270 and fixed disk 280. Read-only memory (ROM) 290 stores invariant 
instruction sequences, such as start-up instruction sequences for CPU 210 or 
basic input/output operation system (BIOS) sequences for the operation of 
peripheral devices attached to computer 10. 
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Fixed disk 280 is one example of a computer-readable medium 
that stores program instruction sequences executable by CPU 210 so as to 
constitute operating system 281, printer driver 282, smart card interface driver 
283, other drivers 284, word processing program 285, other programs 286, 
5 e-mail program 287 and other files 288. As mentioned above, operating 

system 281 is preferably a windowing operating system, although other types 
of operating systems may be used with the present invention. Printer driver 
282 is utilized to prepare image data for printing on at least one image forming 
device, such as printer 50. Smart card interface driver 283 is utilized to drive 

10 and control smart card interface 265 for interfacing with smart card interface 

device 15 so as to read and write to a smart card such as smart card 16. Other 
drivers 284 include drivers for each of the remaining interfaces which are 
coupled to computer bus 200. 

Word processing program 285 is a typical word processor 

15 program for creating documents and images, such as Microsoft Word, or Corel 

WordPerfect documents. Other programs 286 contains other programs 
necessary to operate desktop computer 10 and to run desired applications. E- 
mail program 287 is a typical e-mail program that allows desktop computer 10 
to receive and send e-mails over network 100. Other files 288 include any of 

20 the files necessary for the operation of desktop computer 10 or files created 

and/or maintained by other application programs on desktop computer 10. For 
example, Internet browser application programs, such as Microsoft Internet 
Explorer or Netscape Navigator, may be included in other files 288. 

Figure 3 is a block diagram showing an overview of the internal 

25 architecture of printer 50. In Figure 3, printer 50 is seen to contain a printer 

smart-chip 57 which may be utilized in conjunction with smart-chip driver 358 
for performing certain cryptographic operations. Printer 50 also contains a 
central processing unit (CPU) 310 such as a programmable microprocessor 
which is interfaced to printer bus 300. Also coupled to printer bus 300 are 

30 control logic 320, which is utilized to control printer engine 325 of printer 50, 

I/O ports 330 which is used to communicate with various input/output devices 
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of printer 50 (not shown), smart card interface 365 which is utilized to 
interface with smart card interface device 55, network interface 360 which is 
utilized to interface printer 50 to network 100, and control device interface 356 
which is utilized to interface with a device for obtaining control of the printer 
operations. 

Control device interface 356 may interface with virtually any 
type of mechanism that a user may activate to obtain control of the printer. 
For instance, control device interface 356 may interface with a button on a 
control panel of printer 50, whereby the user pushes the button to gain control 
over the printer. When the button is pressed, an indication of such is provided 
to print engine control logic 351, whereby the user gains control over the print 
engine operations. Of course, other processes could be used to gain control 
over the printer including a user entering a username (identification) at a 
control panel of printer 50, or by an authentication device beginning or 
completing an authentication process. As will be described in more detail 
below, the authentication process may be any of a number of processes, 
including but not limited to entering a username and password, insertion of a 
smart card or hardware token into a reader, a wireless token (such as a 
speedway pass), or turning of a key. 

Control device interface 356 also interfaces with mechanisms 
for relinquishing control of the printer. For example, a control panel of printer 
50 may include one button for obtaining control, and a different button for 
relinquishing control of the printer. In a similar manner as described above, 
when a device for relinquishing control of the printer is activated, regardless of 
the type of device, control device interface 356 supplies an indication that the 
relinquishing device has been activated to print engine control logic 351, 
whereby the user relinquishes control over the print engine operations and 
normal printing operations resume. 

Also coupled to printer bus 300 are EEPROM 340, for 
containing non-volatile program instructions, random access memory (RAM) 
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370, printer memory 51 and read-only memory (ROM) 390. RAM 370 
interfaces to printer bus 300 to provide CPU 310 with access to memory 
storage, thereby acting as the main run-time memory for CPU 310. In 
particular, when executing stored program instruction sequences, CPU 310 
5 loads those instruction sequences from printer memory 51 (or other memory 

media) into RAM 370 and executes those stored program instruction 
sequences out of RAM 370. ROM 390 stores invariant instruction sequences, 
such as start-up instruction sequences for CPU 310 or BIOS sequences for the 
operation of various peripheral devices of printer 50 (not shown). 

10 Printer memory 51 is one example of a computer-readable 

medium that stores program instruction sequences executable by CPU 310 so 
as to constitute printer engine logic 351, control logic driver 352, I/O port 
drivers 353, smart card interface driver 354, other files 357, printer smart-chip 
driver 358, and e-mail program 359. Printer engine logic 351 and control 

15 logic driver 352 are utilized to control and drive the printer engine 325 of 

printer 50 so as to print an image according to image data received by printer 
50, preferably over network 100. I/O port drivers 353 are utilized to drive the 
input and output devices (not shown) connected through I/O ports 330. Smart 
card interface driver 354 is utilized to drive smart card interface 365 for 

20 interfacing to smart card interface device 55, thereby enabling printer 50 to 

communicate with a smart card such as smart card 56 during the process of 
authenticating a recipient. 

Other files 357 contain other files and/or programs for the 
operation of printer 50. Printer smart-chip driver 358 is utilized to interface 

25 with printer smart-chip 57 for certain cryptographic operations. E-mail 

program 359 is a typical e-mail program for enabling printer 50 to receive e- 
mail messages from network 100. Such e-mail messages may contain print 
job-related information, as discussed in more detail below. Printer memory 51 
also includes FTP/HTTP client 395 which provide the ability to retrieve files 

30 over the network through network interface 360. Also connected to printer 
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bus 300 are display interface 375 and keypad interface 385. As will be 
described below, printer 50 may include a display and keypad that provides a 
recipient with an option to retrieve a print job from a remote storage location 
utilizing, for example, FTP/HTTP client 395. 
5 Figure 4 is a block diagram showing an overview of the internal 

architecture of server 40. In Figure 4, server 40 is seen to include a central 
processing unit (CPU) 410 such as a programmable microprocessor which is 
interfaced to computer bus 400. Also coupled to computer bus 400 is a 
network interface 460 for interfacing to network 100. In addition, random 

10 access memory (RAM) 470, fixed disk 41, and read-only (ROM) 490 are also 

coupled to computer bus 400. RAM 470 interfaces to computer bus 400 to 
provide CPU 410 with access to memory storage, thereby acting as the main 
run-time memory for CPU 410. In particular, when executing stored program 
instruction sequences, CPU 410 loads those instruction sequences from fixed 

15 disk 41 (or other memory media) into RAM 470 and executes those stored 

program instruction sequences out of RAM 470. It should also be recognized 
that standard disk-swapping techniques allow segments of memory to be 
swapped to and from RAM 470 and fixed disk 41. ROM 490 stores invariant 
instruction sequences, such as start-up instruction sequences for CPU 410 or 

20 basic input/output operating system (BIOS) sequences for the operation of 

peripheral devices which may be attached to server 40 (not shown). 

Fixed disk 41 is one example of a computer-readable medium 
that stores program instruction sequences executable by CPU 410 so as to 
constitute operating system 41 1, network interface driver 412, 

25 encryption/decryption logic 413, e-mail program 414, queue 415, FTP/HTTP 

client 495, FTP/HTTP server 496 and other files 416. As mentioned above, 
operating system 411 can be an operating system such as DOS, Windows 95, 
Windows 98, Windows NT, UNIX, Novell Netware or other such operating 
system. Network interface driver 412 is utilized to drive network interface 

30 460 for interfacing server 40 to network 100. E-mail program 414 is a typical 
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e-mail program and enables server 40 to receive and/or send e-mail messages 
over network 100. Queue 415 is utilized to store numerous print jobs for 
output on one or more image forming devices, such as printer 50. Other files 
416 contains other files or programs necessary to operate server 40 and/or to 
5 provide additional functionality to server 40. FTP/HTTP client 495 provides 

server 40 with the ability to retrieve data files via FTP and HTTP protocols 
over the network through network interface 460. Additionally, FTP/HTTP 
server 496 of server 40 can be accessed by FTP/HTTP client 395 of printer 50 
or an FTP/HTTP client in a workstation such as computer 10. 

10 Obtaining temporary exclusive control of a printing device will 

now be described in more detail. However, a brief description of what is 
meant by obtaining temporary exclusive control, how exclusive control can be 
obtained, relinquishing exclusive control, what a user can do while he has 
exclusive control, and some of the terms used in the following discussion will 

15 be presented first. Obtaining exclusive control generally refers to blocking 

access to the printing device and gaining control of the print engine operations 
of the printing device. Blocking access means control over network access to 
the printing device, control over all other communication interfaces of the 
printing device and printing of printer status pages or other administrative 

20 operations. For instance, control over network access may be control over 

access to print jobs, or, if the printing device is a multi-function device, 
control over incoming jobs such as incoming facsimiles. Control over the 
communication interfaces may be control over communication channels such 
as parallel and serial ports, USB (Universal Serial Bus) ports, infrared devices, 

25 RF devices, etc. 

Additionally, control may be obtained either in conjunction 
with an authentication process or without regard to an authentication process. 
In a case where control is obtained in conjunction with an authentication 
process, control maybe obtained either at the beginning of the authentication 

30 process or after the authentication process has completed. In the former case 
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where control is obtained at the beginning of the authentication process, 
control is relinquished if the authentication process fails. On the other hand, 
in the latter case, control is not obtained until a successful authentication 
process has been completed. 

There are numerous authentication processes that could be 
performed, some of which are described in more detail below. Briefly, the 
authentication processes may include entering a username and password, 
insertion of a smart card or hardware token into a reader, reading of a wireless 
token (such as a speedway pass), turning of a key, or biometrics. Of course, 
the invention is not limited to any particular authentication process and the 
invention may be employed with any type of authentication process, including 
those listed above. 

Control may also be obtained without an authentication 
process. For example, a user may enter a username on a keypad at the printer, 
thereby gaining control. This process does not necessarily perform an 
authentication process, but rather merely identifies the user and provides him 
with control over the printer upon entering his username. Additionally, the 
printer may be provided with a button for gaining control. In this manner, a 
user who wants to gain control over the printer merely presses the button and 
is provided control over the printer. As can readily be seen, this type of device 
for gaining control has no correlation to the user and therefore any user could 
obtain control in this manner. The invention is not limited to these methods of 
gaining control and virtually any device that provides the ability to gain 
control over the printer could be used. 

After the user gains control of the printer, the printer generally 
only returns to normal printing operations when the user relinquishes control. 
Similar to the process of gaining control, there are numerous ways in which a 
user could relinquish control and the invention is not limited to any one 
particular way. Some examples of ways to relinquish control may be pressing 
a button on a control panel of the printer, a user activity timeout, completion 
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of pending print operations and a user activity timeout, removal of a smart 
card or hardware token from the reader, or removal of a smart card or 
hardware token from the reader in conjunction with completion of pending 
print operations, a user activity timeout and a token timeout. Additionally, an 
authentication/authorization failure could be utilized to relinquish control. 

While the user has exclusive control over the printer operations, 
there are various operations that can be performed. For instance, if the printer 
is a multi-function device such as a printer/facsimile or a printer/copier, the 
user can perform facsimile operations to send a facsimile or to print out a 
facsimile message stored in an electronic mailbox, or they may perform 
copying operations to produce photocopies. Additionally, the user may 
browse a network for files to print in the printer. For instance, the user could 
browse a network for files stored in a file server or an e-mail server. 
Additionally, the user could utilize a URL (Universal Resource Locator) to 
retrieve a file from the Internet or an intranet location and have it printed on 
the printer. Further, the user could access a listing of print jobs contained in a 
print queue of the printer. The listing could be provided to display all print 
jobs, only print jobs belonging to the user, or only authenticated print jobs 
belonging to the user (if the user is authenticated). Therefore, the user could 
select a print job from the queue to print. As can readily be seen, there are 
numerous operations that can be performed by the user once he has exclusive 
control over the printer. The foregoing are merely some examples of 
operations that could be performed and the invention is not limited to these, 
but may include other operations as well. 

Regarding some of the terms used in the following discussion, 
the term "sender" refers to the person who submits a print job from a host 
computer, or sending node, to be printed out by an image forming device. The 
"intended recipient" refers to the person holding the proper credentials with 
which he can authenticate himself at the image forming device. In some cases, 
the sender and the intended recipient may be one in the same. That is, the 
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person who sends the print job may also hold the proper credentials to 
authenticate himself at the image forming device. In other cases, the sender 
and the intended recipient may be different individuals. For example, the 
sender may submit a print job that is to be retrieved by someone other than 
himself who holds the proper credentials to be authenticated at the image 
forming device. However, in the examples described below, the "intended 
recipient" refers to the person holding the proper credentials with which he can 
authenticate himself at the image forming device, regardless of who submitted 
the print job. 

The term "sending node" refers to an entity that submits print 
jobs to a printer. This may include, but is not limited to, a personal computer 
or an intermediate server other than a print server. A print job may be 
submitted directly from a sending node to a print server or to a printer itself. 

A "print queue" refers to a software and hardware mechanism 
for storing print jobs. The mechanism may include, but is not limited to, 
buffers in RAM, RAM disks, hard disks, and flash disks. The print queue may 
be located in any one of several locations, including a personal computer that 
submits the print jobs (sending node), a network printer itself, a stand alone 
print server, or a personal computer acting as a print server. The print queue is 
a temporary storage location for print jobs before they are submitted to the 
printer for printing. 

A "print server" refers to a software mechanism to receive print 
jobs and send them to a printer for printing. The print server may be a stand 
alone print server such as a Novell Pserver, may be contained within a network 
printer itself, or may be contained within another personal computer. In a case 
where the print server is contained within another personal computer, the print 
server in the personal computer may accept print jobs from another sending 
personal computer and then submit them to a print server located within a 
networked printer. 



-21 - 



A "printing device" refers to an entity that processes the print 
jobs and prints out an image onto a recording medium. Examples of printing 
devices include bubble-jet printers, laser printers, facsimile machines, and 
network copier/printer machines. It should be noted that the present invention 
5 may be utilized in any image forming device, including but not limited to the 

foregoing image forming devices. 

"Accounting software" refers to a computer program that 
performs accounting tasks for network printing. Such a program may be 
provided in a centralized accounting server that retrieves usage information 

10 from all printers in the network. The program could also reside on a print 

server, within a personal computer acting as a print server, or virtually any 
other device that is capable of collecting print job usage information from 
print jobs printed out by printers in the network. 

hi the following discussion, the term "normal print job" means 

15 a print job that does not contain any special electronic header information or 

other information identifying any particular recipient with the print job and 
that does not require authentication of the recipient in order to be printed. 
Normal print jobs are generally processed by the print server to be printed out 
in turn, i.e. after other print jobs already received by the printer. They do not 

20 require recipient authentication in order to be printed and therefore are not 

held off from being printed until a recipient presents the proper authentication 
information. 

The term "authenticated print job" means a print job that can 
only be printed out after the intended recipient has been authenticated. That is, 
25 an authenticated print job contains unique identification information of the 

intended recipient and is held off from being printed until the recipient has 
been authenticated at the printer. Once the recipient has been authenticated, 
the authenticated print job is released for printing. 

Figure 5 depicts one system arrangement in which the present 
30 invention may be employed. The invention is not limited to being employed 
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in the system of Figure 5 and as will be described below, may be employed in 
numerous other systems. As shown in Figure 5, one or more sending nodes 
510 such as computer 10, a print server 540 such as server 40, and at least one 
printing device 550 such as printer 50, communicate via a network 500. In 
this regard, network 500 may be any type of network, including a local area 
network (LAN), a wide area network (WAN), the Internet, an intranet or any 
other type of network. A hard-wired network connection is not necessarily 
required and the present invention may be employed where the computer and 
printer communicate via a wireless connection. Also attached to printer 550 is 
smart card interface device 555. 

hi the present system shown in Figure 5, a print queue is 
external to printer 550 and is preferably included within server 540. A case 
where the print queue is included within the printer itself rather than being 
external to the printer will be described in more detail below with regard to 
Figure 14. 

As stated above, exclusive control can be obtained either in 
conjunction with authentication or without regard to authentication, hi the 
following discussion, exclusive control in conjunction with authentication will 
be discussed first and then a discussion of exclusive control without regard to 
authentication will be provided. 

Figures 6A, 6B, 6C and 6D are flowcharts depicting process 
steps for obtaining control of a printing device in conjunction with 
authentication where control is obtained after a successful authentication 
process. Briefly, the process steps comprise print data being submitted from a 
sending node to a print queue, determining whether the print job is an 
authenticated print job and if so, deferring printing until the intended recipient 
is authenticated, authenticating the intended recipient, deferring printing of 
print jobs in the print queue, the authenticated recipient selecting print jobs to 
be printed out, the authenticated recipient relinquishing control and the 
printing device resuming normal printing operations. 
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As shown in Figure 6A, in step S600, in order to submit a print 
job, a user activates a print driver at a sending node such as desktop computer 
10 or laptop computer 20. For example, if the sender is utilizing a word 
processor application program, such as Microsoft Word or Corel WordPerfect, 
5 and wants to print the document, he would normally select a print option 

within the application program, thereby activating a print driver. The print 
driver usually permits the sender to select printing options, such as printing 
speed, print resolution, or number of copies. For the present invention, one 
option would be to select an authenticated printing mode. In this regard, if the 

1 0 sender wants the print j ob to only be printed out after the recipient has been 

authenticated at the printer, the sender would select this mode. Of course the 
invention is not limited to selection of an authenticated print mode in a print 
driver and other processes for submitting authenticated print jobs may be 
utilized instead. For instance, if the print driver has the ability to 

1 5 automatically detect that a smart card is inserted in the smart card reader, the 

print driver may automatically obtain the recipient's identification information 
from the smart card and submit the print job as an authenticated print job, 
without the need for a user to select an authenticated print mode in the print 
driver. As such, any method for submitting an authenticated print job could be 

20 utilized. 

In Figure 6A, if the print job is an authenticated print job, print 
data is submitted along with user identification information (step S601). The 
user identification information may be a distinguished name contained in a 
digital certificate, a user/personal identification number, biometric 

25 information, or any other information that uniquely identifies the intended 

recipient. The identification information links the print job to the intended 
recipient so that only the intended recipient is able to print the print job. More 
specifically, identification information (such as the intended recipient's first 
name, last name, country, locality (city), organization, organization unit, or 

30 other information that is unique to him) is linked to the print job. The actual 
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identification information linked to the print job is implementation dependent. 
It could simply be a user ID number or perhaps an entire digital certificate. Of 
course, the sender would not have biometric information of the recipient since 
such information requires the recipient to be present at the sending node and to 
supply such information himself. However, after the sender submits the print 
job utilizing the recipient's distinguished name or digital certificate, the 
recipient may be authenticated at the image forming device by a biometric 
device. Therefore, there may be a distinction between the types of devices 
utilized in linking the recipient's information to the print job for submitting 
the authenticated print job and the types of devices utilized in authenticating 
the recipient. 

The recipient's information may be obtained and linked to the 
print job by various methods. For example, the sender could insert a smart 
card into a smart card reader located at the sending node, such as smart card 
reader 15 connected to computer 10 as seen in Figure 1. The smart card 
contains the intended recipient's unique identification information in digital 
form which is supplied to the computer through smart card interface 265. 
Alternatively, the information may be obtained from a digital certificate via a 
Public Key Infrastructure, by e-mail or some other device. In this case, the 
information could be downloaded to computer 10 over the Internet to be 
subsequently submitted with the print job. 

Further, biometric identifying information such as fingerprints 
or retinal scans of the recipient could be utilized such that a biometric device 
at the printer could be used to authenticate the recipient. Therefore, any device 
that provides unique identification information about the recipient to the 
sending node and subsequently performs authentication of the recipient could 
be used. 

Of course, authenticated print jobs are not the only type of print 
jobs that can be submitted by the sending node and the invention is not limited 
to use with authenticated print jobs. The sender could select a normal print 
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job mode from the printer driver wherein a normal print job not requiring 
authentication of the recipient would be submitted. Thus, in the present 
example, step S601 would be omitted. 

Referring again to Figure 6A, once the identification 
information has been provided in step S601, the authenticated print job is 
submitted for printing from the sending node (step S602). hi Figure 5, the 
authenticated print job is submitted to a print queue contained within server 
540. However, as previously stated, the print job is not required to be 
submitted to a print queue in a server and may be submitted to a print queue 
within the sending node itself, across a network to an intermediate server or to 
a print server contained within a printer itself. 

Figure 6B depicts process steps of a print queue insertion 
thread. In Figure 6B, after the authenticated print job has been submitted by 
the sending node, the print queue insertion thread unblocks from waiting for a 
print job (step S603) in order to receive and store the print job (step S604). A 
determination is then made whether the received print job is an authenticated 
print job (step S605). If the print job is not an authenticated print job, control 
returns to step S603 and this thread waits to receive another print job. Note 
that a separate print queue extraction thread is responsible for removing print 
jobs from the queue and sending them to the printer to be printed (depicted in 
Figure 6E). 

hi most cases, upon receiving the print data from the print 
queue, the printer buffers the data in memory and begins processing the data to 
print out an image. However, in some printers, once the print data is 
submitted from the queue to the printer, the printer may temporarily store the 
data in a local disk within the printer rather than buffering the print data in 
memory. In these printers, once sufficient data has been stored on the disk, the 
printer may begin buffering the data from the local disk into the printer's 
memory and then begin printing while the remainder of the data continues to 
be stored to the disk. Of course, the printer may also wait for the entire print 
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job to be stored in the local disk before data begins buffering rather than 
beginning to buffer data once sufficient data has been stored on the disk. 

Returning to step S605, if the print job is an authenticated print 
job, then a determination is made whether or not the recipient has been 
authenticated (step S606). This determination may comprise the print queue 
performing a polling operation to poll the printer for the recipient's 
identification information. If the recipient has been authenticated, then the 
printer would respond to the queue with the recipient's identification 
information. If the recipient has not been authenticated, the printer may either 
provide a negative response or no response at all. If the recipient is not yet 
authenticated, then flow proceeds to step S607 where the print queue registers 
with the printer to receive a notification when the recipient is authenticated. 
Thus, the print job is deferred from printing until the recipient holding the 
proper authentication information presents the authentication information at 
the printer. The print data may be stored in the print queue or in a print server. 

There are various methods in which an authenticated print job 
may be deferred from being printed until the recipient is authenticated. One 
method is for the print queue to attempt to establish communication with the 
printer in order to submit the print data to it for printing. Upon attempting to 
establish communication, the print queue may request the recipient's 
authentication information. If the printer has not received authentication 
information from the recipient, i.e. the recipient has not yet been authenticated 
at the printer, then the print queue may register with the printer for the printer 
to notify it when the recipient has been authenticated. In the present example, 
since the recipient has not yet been authenticated, the printer fails to return the 
necessary authentication information and the print queue registers with the 
printer and waits to send the print job data to the printer after receiving 
notification (step S607). 

Another method of deferring printing of an authenticated print 
job may be accomplished by using a polling mechanism. Several network 
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protocols utilize a request/response routine. In this regard, once the queue 
receives an authenticated print job, the protocol requests the recipient's 
authentication information from the printer. If the recipient has not arrived at 
the printer and has not presented the authentication information to the printer, 
then the printer returns a negative response or no response at all and the print 
job is deferred from being printed. Repeated requests are preformed over set 
time intervals by the protocol, each receiving a negative response or no 
response until the recipient presents the authentication information to the 
printer. Once the recipient has been authenticated, the protocol receives the 
required information and then submits the print data to the printer for printing. 

The invention will now be described in more detail by way of 
several examples. A first example will discuss a printer receiving both normal 
and authenticated print jobs where the recipient has not yet been authenticated. 
A second example will discuss a case where only authenticated print jobs are 
in the queue, a recipient is authenticated and opts to print all of his 
authenticated print jobs and promptly relinquishes control. A third example 
will discuss a case where both normal and authenticated print jobs are in the 
queue, a recipient is authenticated and opts to select all of his authenticated 
print jobs and promptly relinquishes control. A fourth example will discuss a 
case where both normal and authenticated print jobs are in the queue, a 
recipient is authenticated and maintains control. The fourth example also 
includes a discussion of additional print jobs being received by the queue 
while the recipient maintains control. A fifth example will discuss an 
authenticated recipient selecting which print jobs to print, including print by 
reference print jobs, and selecting a print job from a network, such as via the 
Internet or an intranet. 

In a first example, a print queue that contains both normal and 
authenticated print jobs will be described with reference to Figures 7 and 8. In 
this example, it is assumed that no authentication has been provided by any 
recipient to the printer. As shown in Figure 7, the print queue, such as queue 
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415 in server 40, contains six print jobs 601 to 606. Print jobs 601, 602, 604 
and 605 are normal print jobs and print jobs 603 and 606 are authenticated 
print jobs. Each print job in the queue was received by the queue in ascending 
order. 

5 The print queue extraction thread of Figure 6E begins 

processing of each of the print jobs in the order in which they were received. 
Therefore, since print job 601 was received first, the print queue processes it 
first. As shown in Figure 7, print job 601 is a normal print job. Since no other 
print jobs are being printed by the printer and the print job does not require 

10 recipient authentication, the print queue establishes communication with the 

printer and submits the print data to the printer where it is buffered and printed 
out (steps S652 and S653 as shown in Figure 6E). While the printer is busy 
processing print job 601, print jobs 602 through 606 continue to be stored in 
the queue until their turn to be processed arrives (the result of a NO 

15 determination in step S652). 

Once all of the print data for print job 601 has been buffered, 
the print job is removed from the queue (step S654) and the print queue begins 
processing the next print job in the queue, print job 602. Since print job 602 is 
also a normal print job and does not require recipient authentication to be 

20 printed, the print data is submitted by the queue to the printer where it begins 

buffering in the printer while print job 601 completes printing. Once print job 
601 completes printing and sufficient print data for print job 602 has been 
buffered, the printer begins to print print job 602 (step S653). 

Once all of the print data for print job 602 has been buffered, 

25 the print job is removed from the queue (step S654) and the print queue 

attempts to submit the next print job to the printer. In the present example, 
print jobs 603 through 606 are pending in the queue and therefore the print 
queue attempts to submit print job 603. However, since print job 603 is an 
authenticated print job, the print queue extraction thread gets the next print job 

30 in the queue (step S650). 
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Therefore, since print job 604 is a normal print job, like print 
jobs 601 and 602, print job 604 is processed and printed out (steps S652 and 
S653). Likewise, normal print job 605 is processed and printed after print job 
604. Then, following processing of print job 605, the print queue attempts to 
5 submit authenticated print job 606. However, like print job 603, print job 606 

is not printed and remains in the print queue after print job 603 (step S651). 
Therefore, after print jobs 601, 602, 604 and 605 have been printed, the print 
queue appears as shown in Figure 8. 

A second example will now be discussed with regard to Figures 

10 6C, 6D and 8, wherein an authenticated recipient retrieves authenticated print 

jobs 603 and 606 remaining in the queue as shown in Figure 8. In this 
example it is assumed that once the recipient selects an option to print all of 
his authenticated print jobs, he promptly relinquishes control of the printer. 
As stated above, there are several ways in which an 

1 5 authenticated recipient can relinquish control over the printer after he has been 

authenticated. One way would be for the recipient to merely push a release 
button on the printer after he has been notified that he has been successfully 
authenticated and has selected a printing option (such as print all authenticated 
print jobs or select a print job to print). Upon pushing the button, the printer 

20 would notify the print queue that the recipient has relinquished control and 

that it is now available for accepting print jobs, depending upon the printer's 
buffer space availability of course. However, even where the recipient has 
been authenticated and presses a button to release control over the printer, if 
the user opts to print all of his authenticated print jobs pending in the queue, 

25 the authenticated print jobs continue to be processed and are printed out ahead 

of other print jobs. This provides the recipient the ability to gain control over 
the printer just long enough to have his authenticated print jobs printed out 
ahead of other print jobs without the recipient having to wait at the printer 
until all of his print jobs have been printed before he relinquishes control. 

30 Therefore, the recipient can be authenticated and promptly relinquish control 
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so that his print jobs will be printed, but he does not have to wait at the printer 
and can leave the printer and return at a later time to retrieve his hard copy 
printouts if he wants to. 

Other methods for relinquishing control may include the 
recipient entering a code on a keypad or removing his smart card from the 
smart card reader. With the latter method, the recipient presents his smart card 
to the smart card reader, whereby he is authenticated and gains control over 
the printer. As long as the recipient's smart card remains in the smart card 
reader, he remains authenticated and maintains control over the printer. Once 
the recipient removes his smart card from the reader, he is no longer 
authenticated and relinquishes control over the printer. As stated above, the 
invention is not limited to any particular method of relinquishing control and 
the foregoing are merely examples of some of the methods that may be 
employed. 

Returning to the present example, it should be noted that the 
present example relates to a case where only authenticated print jobs are 
pending in the queue at the time the recipient is authenticated and that no 
additional print jobs are received by the queue after the recipient is 
authenticated. A case where print jobs other than authenticated print jobs are 
pending in the queue when the recipient is authenticated or where print jobs 
are received by the queue after the recipient has been authenticated will be 
discussed in more detail below. Additionally, in the present example, it is 
assumed that the recipient is authenticated using a smart card. Of course, as 
stated above any method of authentication could be employed and the 
invention is not limited to use with smart cards. However, for the sake of 
brevity, only the use of smart cards will be discussed in detail. 

Referring to Figure 6C, in order to have print jobs 603 and 606 
printed out, the recipient holding the proper authentication (identification) 
information presents this information to the printer in step S609. For the 
present example, the recipient presents smart card 56 to smart card reader 55 
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attached to printer 50. Once the recipient presents his smart card to the smart 
card reader, the printer processes the information through smart card interface 
365 and smart card interface driver 354 to control logic 320. The printer then 
performs a verification procedure to validate the integrity and authenticity of 
the unique identification information (step S610). If the integrity and 
authenticity check fails (step S61 1), the user is notified of such in step S616. 
If the integrity and authenticity check is successful (step S61 1), an 
authentication process is performed in an attempt to authenticate the recipient 
(step S612). This may comprise printer 50 performing a "challenge/response" 
mechanism, or other process to validate the identity of the recipient (in this 
case, the smart card holder). 

In step S613, a determination is made whether the attempt to 
authenticate the recipient is successful. If the recipient is authenticated, flow 
proceeds to step S614. If the attempt to authenticate has failed, then the 
recipient is notified of the authentication failure (step S616). The notification 
may be provided via a visual display having an error message, an alarm on the 
printer or some other device to indicate that the authentication process has 
failed. 

After authentication, an optional check to determine whether 
the recipient is authorized to use the device maybe performed (step S614). 
This authorization verification may be performed through a mechanism that 
includes but is not limited to directory queries and access control list lookups. 
If the recipient is not authorized to use the device, then he is provided with an 
authorization failure (step S616). If the recipient is authenticated and 
authorized, he may receive a notification to this effect. 

Once the recipient has been authenticated and optionally 
authorized (if an authorization check is provided for), the recipient gains 
exclusive control of the device in the present example and all print jobs 
pending in the queue are deferred and prevented from being printed (step 
S617). Additionally, in step S617, if the print queue has registered to receive a 
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notification from the printer, it is notified that the recipient has been 
authenticated. One way print jobs may be deferred is by the printer providing 
an indication to the queue that it is "busy" or that the printer's buffer is full. 
Recall that in order for print data to be submitted by the queue to the printer, 
5 the queue generally attempts to establish communication with the printer and 

determines whether the printer is available for accepting print data. Therefore, 
if the printer appears busy, then it is unavailable for accepting print data, 
thereby preventing the print jobs in the queue from being sent to the printer. 
In the present example, after the recipient has been authenticated, the printer 
1 0 appears busy for all print jobs in the queue and continues to appear busy until 

the recipient relinquishes control of the printer. It should be noted that the 
present invention is not limited to a busy or buffer full indication and any other 
mechanism for preventing the print jobs from being buffered and printed may 
also be utilized. 

1 5 Upon receiving notification that the recipient has been 

authenticated (step S617), the queue determines whether any authenticated 
print jobs are pending in the queue for the authenticated recipient (step S618). 
If no authenticated print jobs are pending in the queue for the authenticated 
recipient, the recipient is notified of such in step S619. If print jobs are 

20 pending in the queue for the authenticated recipient, then flow proceeds to step 

S622 in Figure 6D. In the present example, print jobs 603 and 606 are 
pending in the queue. 

As seen in Figure 6D, in step S622 a determination is made 
whether the recipient has opted to select a print job to print. In this regard the 

25 recipient may select one or more print jobs from a list of print jobs pending in 

the queue. Alternatively, the recipient may select a print job from a remote 
storage location. A more detailed discussion of recipient selection of a print 
job is provided below with regard to Figures 17A through 17D. If the 
recipient opts for user selection, then flow proceeds to steps S624 and S625 

30 where the recipient selects a print job and the selected print job is released to 
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be printed. If the recipient does not opt for user selection, but rather opts to 
print all of his authenticated print jobs pending in the queue, then flow 
proceeds to step S623 where the next authenticated print job pending in the 
queue for the authenticated recipient is released to be printed. In the present 
5 example, once the user opts to print all of his authenticated print jobs, he 

relinquishes control of the printer by removing his smart card from the reader. 

The next authenticated print job (print job 603 in the present 
example) in the queue is processed through steps S626 to S630, with flow then 
returning to step S620 of Figure 6C. In the preferred embodiment, the 

1 0 recipient is required to maintain control over the printing device in order to 

print all of his authenticated print jobs. That is, each authenticated print job is 
processed one at a time from step S618 to step S630 and back to step S620. 
As such, upon completion of processing print job 603, the printer begins a new 
process to process the next authenticated print job (print job 606). hi the 

15 process for print job 606, the print queue again requests the recipient's 

authentication information from the printer. If the recipient has relinquished 
control in step S620, the printer will provide a negative response or no 
response at all. Therefore, in the preferred embodiment, once the recipient 
relinquishes control (here, by removing his smart card), any authenticated print 

20 jobs pending in the queue for which the print queue has not yet requested the 

recipient's identification information will remain in the queue and will not be 
printed until the recipient is authenticated again. Therefore, once the recipient 
has relinquished control and print job 606 has not yet begun to be processed, 
print job 606 remains in the print queue. 

25 Alternatively, once the recipient has been authenticated and 

opts to print all of his authenticated print jobs pending in the queue, the print 
queue may utilize the recipient's identification information to release and 
process all authenticated print jobs intended for the recipient (print jobs 603 
and 606) in the queue in step S623, before a determination is made in step 

30 S620 whether the recipient has relinquished control, hi this case, both print 
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jobs 603 and 606 would be processed and the print queue would then be 
empty. 

Returning to Figure 6D, when a print job has been released for 
printing in either step S625 or step S623, a determination is made whether the 
5 print job is a print by reference print job (step S626). In the present invention, 

a print by reference print job is one in which the print data is not stored in the 
print queue, but rather is stored in a remote storage location with the print job 
in the queue containing a reference to the remote storage location. If the print 
job is a print by reference, then the queue retrieves the print data from the 

1 0 remote storage location in step S627. If the print job is not a print by 

reference, then flow proceeds to step S628. 

In step S628 the printing process commences and in step S629, 
printing resources utilized during the printing operations are tracked. For 
example, resources such as the number and type of paper or the amount and 

1 5 type of ink utilized during the printing operations may be tracked. The tracked 

resources are then correlated with the authenticated recipient's identification 
information and submitted to an accounting device that utilizes the tracking 
information (step S630). Such an accounting device may be a print server or 
other device that employs an accounting program. It should be noted that in 

20 some cases resource tracking may not be desired and therefore steps S629 and 

S630 may be omitted. 

After printing the authenticated print jobs, a determination is 
made whether the recipient has relinquished control of the printer (step S620 
in Figure 6C). In the present example, recall that the recipient has 

25 relinquished control promptly after being authenticated and selecting an option 

to print all of his authenticated print jobs. That is, he promptly removes his 
smart card from the smart card reader, thereby relinquishing control over the 
printer's print capabilities. In the preferred embodiment, print job 603 is 
processed and after the recipient has relinquished control, the printer provides 

30 a negative response for printing print job 606 and it remains in the queue with 
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the printer returning to normal printing operation where it releases all deferred 
(non-authenticated) print jobs pending in the queue (step S621)(i.e. the printer 
no longer provides a busy indication). 

Of course, with regard to the alternate embodiment, when the 
recipient relinquishes control of the printer before print job 606 is processed, 
the determination in step S620 is not performed until after print job 606 has 
been processed and therefore, the printer does not return to normal printing 
operations until all authenticated print jobs have completed printing. 

A third example will now be described with regard to Figures 
6C, 6D and 9. In this example, print jobs 1001 to 1005 are pending in the 
queue at the time the recipient is authenticated, at least one of which is an 
authenticated print job requiring authentication of the recipient to be printed. 
Like the second example, in the present example the recipient presents the 
proper authentication information using a smart card device and promptly 
removes his smart card from the smart card reader. Also, in the present 
example the recipient does not opt for user selection of print jobs and none of 
the print jobs are print by reference. 

In respect of the present example, the print jobs pending in the 
print queue at the time just prior to step S609 are as shown in Figure 9. 
Therefore, just prior to the recipient presenting his smart card to the smart card 
reader, print jobs 1001 through 1005 are pending in the queue, with print jobs 
1004 and 1005 being the authenticated print jobs pending for the authenticated 
recipient. 

Referring again to Figure 6C, once the recipient has been 
authenticated and authorized (if provided for), the print queue is notified that 
the recipient has been authenticated and all print jobs pending in the queue are 
deferred in step S617 as described above. Again, deferring the print jobs may 
be accomplished by the printer merely providing an indication to the queue 
that it is busy or that the buffer is full, thereby preventing the print jobs in the 
queue from being submitted to the printer. 
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Once all of the print jobs pending in the queue have been 
deferred, the queue determines whether any authenticated print jobs are 
pending for the recipient (step S61 8). The determination may be made by 
matching the authenticated recipient's unique identification information to the 
print jobs pending in the queue. If a match is found, then flow proceeds to 
step S622 of Figure 6D. If no matching print jobs are found, then the recipient 
is notified of such in step S619. In the present example print jobs 1004 and 
1005 are authenticated print jobs matching the authenticated recipient. 
Accordingly, flow proceeds to step S622 where the recipient opts for printing 
all of his authenticated print jobs. Therefore, flow proceeds to step S623 
where print job 1004 is released to print and processed through steps S626 to 
S630. 

Then, flow returns to step S620 of Figure 6C to determine 
whether the recipient has relinquished control. Recall that in the present 
example, the recipient removes his smart card from the reader promptly after 
opting to print all of his authenticated print jobs. Accordingly, in step S620 it 
is determined that the recipient has relinquished control and print job 1005 is 
not released and printed. Therefore, once print job 1004 has printed, the 
remaining non-authenticated (normal) print jobs in the queue are then released 
and processed accordingly (step S621). 

A fourth example will now be described with regard to Figures 
6C, 6D and 10 through 12. In this example, the print queue of Figure 10 is 
initially the same as that shown in Figure 9. However, unlike the previous 
examples, the recipient does not promptly relinquish control over the printer 
once he is authenticated, but rather maintains control over the printer. Also, 
in the present example, after the recipient has been authenticated, additional 
print jobs are received by the queue, the recipient does not opt for user 
selection, and none of the print jobs are print by reference. 

In the present example, steps S609 through S623 are the same 
as described above. To summarize these steps, once the recipient is 
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authenticated, all print jobs in the print queue are deferred and authenticated 
print job 1004 is processed and released to print. Flow then returns to step 
S620 where it is determined that the recipient has not relinquished control and 
therefore flow returns to step S623 to process and release print job 1005. 
5 However, unlike the third example, the print jobs remaining in the queue after 

all authenticated print jobs have been printed (here, print jobs 1001, 1002 and 
1003) are not released, but rather remain deferred in the print queue. This is 
because the recipient has not relinquished control of the printer. in step S620. 
Recall that one way for a recipient to maintain control over the printer is to 
10 merely leave his smart card in the reader, thus continuing to defer printing of 

all print jobs remaining in the queue that are not authenticated print jobs for 
the recipient. 

Accordingly, as shown in Figure 6C, in step S620 a 
determination is made whether or not the recipient has relinquished control. 

1 5 Since the recipient has not relinquished control, the print jobs remain deferred 

with flow returning to step S618 to determine if any additional authenticated 
print jobs are pending in the queue. That is, a determination is made whether 
any new authenticated print jobs have been received by the queue. 

Assuming that the recipient has not yet relinquished control, i.e. 

20 has not removed his smart card from the smart card reader, the present 

example will now be expanded to include receipt of additional print jobs while 
the recipient maintains control over the printer. As shown in Figure 11, print 
jobs 1001, 1002 and 1003 remain deferred in the queue. Additionally, normal 
print job 1006 and authenticated print job 1007 are received by the queue 

25 while the recipient maintains control over the printer. When additional print 

jobs are received, the processing of these print jobs begins at step S603 of 
Figure 6B. Once the print job is added to the queue (step S604), flow returns 
to step S603, unless the print job is an authenticated print job. When the print 
queue insertion thread determines that the print job received is an 

30 authenticated print job (step S605) and that the intended recipient is 
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authenticated at the time the job arrives (step S606), it then waits for another 
print job (step S603). Therefore, print job 1006 in this example is deferred. 
However, since the recipient has already been authenticated, the operations as 
defined in steps S618 to S621 of Figure 6C determine that an authenticated 
5 print job intended for the authenticated recipient is available and thus print job 

1007 is processed and released to be printed similar to print jobs 1004 and 
1005. As a result, any authenticated print jobs intended for the recipient that 
are received by the queue during a period in which the recipient maintains 
control over the printer's print capabilities are printed out, while normal print 

10 jobs are deferred from being printed. Again, once the recipient relinquishes 

control, the printer returns to normal printing operation and print jobs 1001, 
1002, 1003 and 1006 are released and printed. 

In a fifth example, Figure 12 shows a queue after print jobs 
1004, 1005 and 1007 have been printed with print jobs 1001, 1002, 1003, and 

1 5 1 006 remaining deferred and authenticated print j ob 1 008 is received by the 

queue. Authenticated print job 1008 requires authentication of a different 
authenticated recipient. That is, the recipient who has been authenticated at 
the printer is not the intended recipient for the authenticated print job 1008. 
Again, steps S603 to S605 of Figure 6B are the same as described above. 

20 However, in step S606 a determination is made whether the intended recipient 

is authenticated. Since print job 1008 is an authenticated print job, but is for a 
different authenticated recipient, it is not released and printed. Rather, the 
queue registers with the printer to receive notification upon authentication of 
the intended recipient (step S607) and then returns to step S603. This job is 

25 not released and printed until the print queue is notified that the recipient 

holding the proper identification information for print job 1008 has been 
authenticated at the printer. 

The foregoing examples describe the use of a smart card to gain 
control over the printer's print capabilities. However, as previously 

30 mentioned, another device such as a keypad or biometric device could also be 
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utilized to accomplish the same function. The foregoing examples also 
describe the invention in an arrangement where a print queue is contained 
within a server and all data is stored in the print server. However, as will be 
described below, the present invention may be employed in various other 
arrangements. 

One alternative arrangement in which the invention may be 
employed is depicted in Figure 13. As seen in Figure 13, the network may 
include data store 1301 as well as the aforementioned print server. The data 
store may be an additional storage medium, such as a hard disk attached to the 
print server, a separate computer having a hard disk for storing print data, or 
some other type of storage medium. With this arrangement, print data 
submitted from the sending node may be stored in the data store and a 
reference to the stored print data file name and location submitted to the print 
queue. Alternatively, rather than print data being submitted from a sending 
node to the data store as part of a print job submission, the print data may 
reside in the data store prior to the print job being submitted from the sending 
node. In this case, the print job submitted to the queue would merely provide 
a reference to the print data storage location. 

The operation of this arrangement works similarly to the above 
examples. In one difference, once the print job is released to print (step S623), 
a determination is made whether the print job is a print by reference print job 
in step S626. Since the print job is a print by reference, the print queue 
utilizes the print data storage reference location to retrieve the stored print data 
(step S627) and then submits the retrieved print data to the printer. 

The network depicted in Figure 13 may be the Internet. Once 
the print job has been released to print, the print queue retrieves the print data 
over the Internet from the data store and processes it to be printed. 
Accordingly, in order for the print queue to retrieve print data over the 
Internet, the print server is provided with the ability to access the Internet 
through FTP/HTTP client 395 or 495 shown in Figures 3 and 4. 
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The invention is also not limited to an arrangement in which 
the queue is contained within a print server. Rather, the queue may be 
contained within the printer itself, or within a personal computer or other 
device. Such an arrangement may provide a system similar to that shown in 
Figure 14. In Figure 14, sending nodes 1410 communicate with printer 1450 
over network 1400. Attached to printer 1450 is smart card reader 1455. The 
queue may be provided in the printer in a storage disk such as queue 3 1 5 in 
printer memory 5 1 shown in Figure 3. Alternatively, the queue may be 
provided in fixed disk 280 of computer 10. The operation of this arrangement 
would be similar to that described above with one difference being that the 
printer does not need to communicate over a network to an external queue in a 
print server. Rather, the host computer and the printer themselves 
communicate to provide the functionality of the invention. 

Moreover, the present invention is not limited to an 
arrangement of a computer (sending node) and printer communicating over a 
network. In this regard, Figure 1 5 depicts an arrangement where the present 
invention is employed in a facsimile model. To employ the present invention 
in a facsimile model, a facsimile machine capable of providing the recipient's 
unique identification information at the sending facsimile is utilized. 
Therefore, the sending facsimile may also utilize the smart card interface as 
described above. At the receiving end, the facsimile machine stores and defers 
printing of facsimile transmissions similar to the printer model described 
above. Therefore, the present invention of controlling printout operations of 
facsimile transmissions stored in a queue is performed in the same manner as 
the printer model described above. 

In a further aspect of the invention, rather than opting to print 
all authenticated print jobs, a mechanism for the recipient to selectively choose 
which print jobs to print may be provided for. This option refers to user 
selection steps S622, S624 and S625 of Figure 6D. One way to accomplish 
the foregoing may be to provide a display at the printer, such as display 1700 
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of printer 1750 shown in Figure 17 A. The printer may also be provided with a 
keypad 1 720 to allow the recipient to choose from among various options 
shown on the display. Alternatively, the display itself may be a touch panel 
display, thereby eliminating the need for a keypad. 
5 Figure 17B depicts one example of display screen 1700. As 

seen in Figure 17B, once the recipient is authenticated, the display may 
provide an indication to the recipient that he has been authenticated (1701) and 
also provide him with the option to either select a print job to print (1702) or 
to print all print jobs pending in the queue for him (1703). In this aspect of the 

10 invention, the recipient is authenticated in the same manner as described 

above. However, once the recipient is authenticated and opts to select a print 
job to print, all print jobs in the queue are deferred until the recipient selects 
which print jobs to print. If the recipient selects option 1703 (opting to print 
all of his authenticated print jobs), then as described above, all authenticated 

1 5 print jobs pending in the queue, as well as those received by the queue while 

the recipient maintains control over the printer, are processed and printed out 
in the same manner as described above. 

However, in the case where the recipient selects option 1702 
(select a print job to print corresponding to step S624), then additional options 

20 may be provided to the recipient on display 1700. As shown in Figure 17C, 

one further option is option 1704 to select a print job from among those 
pending in the queue. In a case where this option is selected, a listing of the 
print jobs pending in the queue is provided on the display. The listing may 
include all print jobs that are matched with the recipient's identification 

25 information, or may list all print jobs pending in the queue, including normal 

and authenticated print jobs but preferably not jobs intended for other 
recipients. From this listing, the recipient can select one or more print jobs to 
print, either one of his normal print jobs or one of his authenticated print jobs. 
These print jobs are then released and processed in step S625. As long as the 

30 recipient maintains control over the printer, all print jobs in the queue are 
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deferred until they are either released by the recipient selecting them from the 
display or the recipient relinquishes control of the printer. 

As a result of the foregoing, if the queue contains five 
authenticated print jobs all belonging to the recipient and numbered 1 through 
5 respectively, the recipient can choose to only print authenticated print job 5 
without printing authenticated print jobs 1 to 4. He can then return at a later 
time and print any of print jobs 1 to 4. 

Another option shown in Figure 17C is for the recipient to 
select a print job from a network (1705), i.e. a location on a network other than 
the print queue. The network may be any type of network, including a WAN 
(Wide Area Network), a LAN (Local Area Network), an intranet, the Internet, 
a USB, 1394, home network, etc. Print data may be browsed and retrieved 
from the Internet, an intranet, or e-mail using a method similar to that 
disclosed in co-pending U.S. Application 09/465,835, entitled "System For 
Retrieving And Printing Network Documents," filed December 17, 1999, the 
contents of which are incorporated by reference as set forth in full herein. In 
this embodiment however, the front panel interface of the device serves as the 
web browser described in Application 09/465,835. Upon selecting option 
1705, additional options as shown in Figure 17D may be displayed. 

It should be noted however, that in the current aspect of the 
invention, i.e. printing data over the Internet or an intranet, the print jobs 
downloaded are not necessarily authenticated print jobs in the sense that 
authenticated print jobs would ordinarily be provided with the recipient's 
authentication information. In more detail, in each of the previous aspects 
print jobs were submitted from a sending node to a print queue over a network. 
As such, the recipient's identification information was provided at the sending 
node in order for the print jobs to be identified as authenticated print jobs. In 
order to print those print jobs, the recipient had to be authenticated at the 
printer and then the authenticated print jobs were printed out. 
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In the present aspect however, the print job is not being 
submitted by a sending node but rather is being requested from the printer 
itself after the recipient has been authenticated and while he maintains control 
of the printer. Therefore, the printer already knows who the authenticated 
5 recipient is and that the recipient has control of the printer. Therefore, all print 

jobs printed over the Internet or an intranet are released and printed once they 
are downloaded because the recipient has already been authenticated and has 
control of the printer. 

Another aspect of the invention concerns accurate accounting 

10 of resources used in printing operations, such as the amount and type of paper 

used and the amount of ink used. In more detail, accurate accounting of 
resources may be desired in order to bill a particular department within an 
office or a particular person using the resources. Accounting is most 
commonly accomplished by software in a print server that tracks print jobs 

15 based on who submitted the print job. However, this accounting method does 

not accurately reflect the actual recipient who is using the resources, but only 
identifies the sender or sending department. 

Therefore, the present invention provides for utilization of an 
accounting application program in conjunction with the authenticated 

20 recipient's unique identification information. In the present aspect, once the 

recipient has been authenticated, the printer resources utilized during the 
printing operations are tracked by the printer (step S629). The printer then 
correlates the tracked resources with the authenticated recipient's 
identification information (step S630). The tracked data may then be 

25 submitted by the printer to a device that contains an accounting application 

program, such as print server 40. Alternatively, the printer may register with 
the print server or another device utilizing the accounting program and the 
print server or device may access the printer periodically to collect the 
accounting information. An accounting application program in the print server 

30 then utilizes this information to match resources utilized during all printing 
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operations while the recipient has control of the printer and to bill the 
department that the recipient belongs to. In this manner, the accounting 
application can track the resources to the person actually utilizing them, rather 
than matching them to a sender who may or may not be utilizing them. 

The foregoing provided a description of obtaining exclusive 
control in conjunction with authentication where exclusive control was not 
obtained until the recipient had been successfully authenticated. The 
following describes a process for obtaining exclusive control in conjunction 
with authentication, but with exclusive control being granted before the 
recipient is successfully authenticated. 

Generally, the process is similar to that described above with 
the regard to Figures 6A to 6D. However, some changes in the process steps 
are required and therefore Figure 6F is substituted for Figure 6C. Accordingly, 
the process steps depicted in Figures 6A and 6B apply equally to both a case 
where exclusive control is obtained only after the recipient has been 
successfully authenticated and where exclusive control is obtained before the 
recipient has been successfully authenticated. As such, a description of 
Figures 6 A and 6B will not be repeated here, but rather, only Figure 6F will be 
discussed. 

As seen in Figure 6F, step S609 is different from step S609 of 
Figure 6C. In Figure 6C, the recipient merely presented his identification 
information and then the printer processed the information to perform 
authentication in steps S610 to S615. After the recipient was successfully 
authenticated in Figure 6C, then in step S617 all print jobs in the print queue 
were deferred. Therefore, exclusive control in Figure 6C was not obtained 
until step S617. In Figure 6F, however, when the recipient presents his 
identification information to begin the authentication process (step S609), the 
printer simultaneously provides an indication to the queue that it is busy, 
thereby deferring all print jobs pending in the print queue. Accordingly, 
exclusive control is obtained in Figure 6F in step S609 rather than step S617. 



-45 - 

In this embodiment, since the recipient gains exclusive control 
before a successful authentication process, a mechanism to release exclusive 
control in the event of an authentication failure is provided for. Accordingly, 
if any of steps S610 to S615 (the authentication process steps) result in an 
authentication (or authorization) failure, then in step S616 the recipient is 
notified of the failure and exclusive control is automatically relinquished. 
Thus, in comparison to Figure 6C, step S616 in Figure 6F includes the 
additional process of releasing all deferred print jobs. 

If the recipient is successfully authenticated in steps S610 to 
S615, then in step S617, the printer notifies the print queue that the recipient 
has been authenticated. Therefore, in contrast to Figure 6C, in Figure 6F step 
S617 excludes the process of deferring the print jobs in the print queue since 
this process was previously performed in step S609. 

The remaining process steps of Figure 6F (steps S618 to S621) 
are the same as those described above with regard to Figure 6C and therefore 
the description of these steps will not be repeated here. 

As can readily be seen from the foregoing, exclusive control 
can be obtained in conjunction with authentication, either before the recipient 
is successfully authenticated, with control being automatically relinquished in 
the event of an authentication failure, or only after a successful authentication 
process has been performed. Although the foregoing focused on obtaining 
exclusive control in conjunction with authentication, as stated above, 
exclusive control can also be obtained in the absence of authentication. This 
process will now be described in more detail. 

Generally, the process of obtaining exclusive control in the 
absence of authentication is similar to that described above with regard to 
Figures 6 A to 6D (embodiment 1), and Figures 6 A, 6B, 6D and 6F 
(embodiment 2). However, process steps involving authentication are omitted. 

Figure 16 is a flowchart of process steps for obtaining exclusive 
control in the absence of authentication. In step SI 609, the recipient performs 
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a process to gain exclusive control. As described above, any type of process to 
gain exclusive control could be employed and the invention is not limited to 
any particular type of process. For instance, the recipient could press a button 
on a control panel of the printer to gain control, or he could enter a username. 
In the latter case, an optional process could be performed to confirm whether 
the recipient's username is contained in a listing of authorized users. If a 
match is found, the user would be permitted to gain control. If a match is not 
found, then the user would be notified of a failure. These optional steps are 
not depicted in Figure 16, but would be performed after step SI 609 and would 
be similar to steps S614, S615 and S616 of Figure 6C. Assuming that the 
recipient performs a process to gain control that does not involve authorization 
(such as pressing a button), flow proceeds to step S1610. 

In step S1610, once the recipient performs the process to gain 
exclusive control, all print jobs pending in the print queue, as well as those 
received by the print queue while the recipient maintains control, are deferred 
from being printed. Again, deferring the print jobs may be performed by any 
process as described above. 

In step S 161 1, the recipient performs a process to select a print 
job to print. The process may be any of those described above with regard to 
Figures 17A to 17D. That is, the recipient may select a print job pending in 
the print queue, or he may select a file from a remote storage location over a 
network, including the Internet or an intranet. Once the recipient performs the 
process to select the file or print job, he submits the print job for printing by 
the printer (step S1612). 

Steps S 16 13 to S 16 17 are the same as steps S626 to S630, 
respectively, of Figure 6D. Therefore, if any of the print jobs are print by 
reference, the print data is retrieved from the storage location, and printing 
resources utilized in printing the print job are tracked and correlated to the 
recipient. It should be noted that steps S1616 and S1617 can only be 
performed where the recipient has been identified. That is, in order for the 
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printing resources to be correlated to the recipient, the recipient has to provide 
some identification information (e.g. username) to the printer in step SI 609. 
Therefore, if the recipient merely presses a button, he is an anonymous 
recipient and any tracked resources could not be correlated to him. In this 
case, steps SI 61 6 and SI 61 7 could be omitted. 

Once the print job has been printed, a determination is made 
whether the recipient has relinquished control (step S161 8). Again, 
relinquishing control could be performed by any of the processes described 
above and the invention is not limited to any particular process. If the 
recipient maintains control, flow returns to step SI 61 1 for the recipient to 
select another print job to print. In this regard, the printer waits for the 
recipient to select another print job in step SI 61 1 and remains busy for other 
print requests (i.e. the print jobs pending in the queue remain deferred) until 
the recipient manually relinquishes control. Of course, a timeout mechanism 
could also be employed so that after a set length of inactivity by the user, the 
printer would automatically relinquish control. Once control has been 
relinquished, then all of the deferred print jobs in the queue are released and 
the printer resumes normal printing operations (step S1619). 

Remotely Obtaining Exclusive Control 

The foregoing provided a description of obtaining exclusive 
control of a device, such as a printer, while the user is present at the device. 
That is, the user obtained exclusive control of the printer by inserting a smart 
card into a smart card reader attached to the printer, by pressing a button on 
the printer, by entering an identification code (PIN) at the printer, etc. The 
following is a description of obtaining exclusive control of a device remotely, 
i.e., from a network location remote from the device or by utilizing a wireless 
device to remotely connect to the device to obtain remote exclusive control. In 
addition, while the foregoing description made reference to obtaining 
exclusive control of a printer, the following description of remote exclusive 
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control of a device will be made with reference to use of a shared 
multifunction device (i.e., a device connected to a network to be shared by 
multiple users and that performs various operations such as printing, copying, 
scanning and facsimile operations). 

Figure 18 depicts an example of a network environment in 
which remote exclusive control may be employed. Similar to the above 
description, network 2000 is preferably the Internet, but maybe a Local Area 
Network (LAN), Wide Area Network (WAN), or virtually any other type of 
network. Connected to network 2000 are multifunction device 2001 , 
computer workstation 2002, laptop computer 2003, and server 2005. As 
shown in Figure 18, each of the foregoing devices are preferably connected to 
network 2000 via a hardwired link. However, each of the various devices may 
also utilize any of a number of wireless technologies (RF or IR, for example) 
to communicate via network 2000. Such wireless communication for laptop 
computer 2003 is generally depicted in Figure 1 8 as wireless transmission 
2008. A wireless handheld device (hereinafter referred to as "Palm device 
2004"), such as a Palm VUx handheld device, may also be utilized to connect 
to the network and to obtain remote exclusive control of multifunction device 
2001 . Palm device 2004 preferably utilizes wireless communication 2010 to 
communicate via network 2000, or wireless communication 201 1 to 
communicate directly with multifunction device 2001 . The detailed structure 
of network 2000, computer workstation 2002, laptop computer 2003 and 
server 2005 may be substantially the same as network 100, computer 
workstation 10, laptop computer 20, and server 40 described above and 
therefore, for the sake of brevity, a detailed description of these components 
will not be repeated here. 

Multifunction device 2001 maybe any type of multifunction 
device that includes a networking capability. By including network capability, 
the multifunction device can perform various operations via the network, such 
as transmitting or receiving facsimiles, or accepting print requests and 
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printing out a print job. Multifunction device 2001 preferably includes the 
capability to perform printing operations (i.e., receiving print jobs via network 
2000), to perform facsimile operations, copying operations and scanning 
operations. Of course, copying and scanning operations generally require that 
a user be present at the device to feed a hardcopy printout into the device and 
therefore, these operations are generally not amenable to being performed 
remotely. As such, the following description of remote exclusive control of 
multifunction device 2001 will be limited to a user performing printing and 
facsimile operations once remote exclusive control has been obtained. 

In addition, multifunction device 2001 preferably includes an 
embedded web server as a way to provide users with access to the device's 
capabilities. That is, a user can access the web server in the multifunction 
device via the Internet (network 2000) to call up a web page in the web server 
that will provide the user with the ability to obtain control over the device. 
Having accessed the web page in the web server via the Internet, the user can 
then select an option to obtain remote exclusive control of the device and, if 
control is obtained, perform various operations while the user has remote 
exclusive control of the device. 

Figures 19A to 19C are flowcharts depicting process steps for 
performing remote exclusive control according to one embodiment of the 
invention. As seen in Figure 19 A, in step SI 900 a user performs a process to 
establish a connection with a device (such as multifunction device 2001) on 
the network for which they may want to obtain remote exclusive control. For 
instance, the user may enter the URL (Uniform Resource Locator) for a web 
server of multifunction device 2001 . Such a process could be performed from 
any of computer workstation 2002, laptop computer 2003 or Palm handheld 
device 2004. If the user is not able to establish a connection (NO in step 
SI 901), the user is notified of a connection failure (step SI 902). This may be 
similar to commonly known notifications provided in web browser 
applications that notify a user when a connection failure has occurred. A 
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connection failure may occur, for example, where there are problems on the 
network, or where the device is off-line or inundated with connections from 
other users. If the user is able to successfully establish a connection with the 
device, then flow proceeds to step SI 903. 

In step S 1903, it is assumed that the user selects an option to 
request to obtain exclusive control of the device. That is, upon establishing a 
connection with the web server, the user may be presented with a home page 
which includes various options for the user to select from. For instance, the 
user may be provided with an option to view information about the device 
(i.e., type of device, capabilities of the device, etc.), an option to perform 
administrative procedures on the device (change IP address, etc.), as well as an 
option to request to obtain exclusive control of the device. While the user may 
select any of the other available options, step SI 903 assumes that the user 
selects an option to obtain exclusive control of the device. 

Upon the user's selection of an option to remotely obtain 
exclusive control of the device, a determination is made whether the device is 
currently in use (step SI 904). That is, a determination is made whether 
another user is utilizing any of the device's functions (printing, copying, 
faxing, or scanning) in the absence of such another user having obtained 
exclusive control of the device. It should be noted that the present description 
relates to a case where a user requesting remote exclusive control of the device 
does not have the ability to interrupt another exclusive control session or a job 
already in progress and instead, must wait until the device is available (i.e., no 
longer under exclusive control of another user) before exclusive control can be 
obtained. A case where another exclusive control session can be interrupted 
and exclusive control obtained without waiting for the device to become 
available will be described below. If the determination in step SI 904 is NO, 
then another determination is made in step SI 905 whether the device is 
already under exclusive control of another user. If the device is not under 
exclusive control of another user, then flow proceeds to step SI 906. Before 
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proceeding to the description of step SI 906, it should be noted that the YES 
branches of both steps SI 904 and S1905 proceed to step SI 920 of Figure 19C, 
the description of which will be provided later. 

Proceeding now with step SI 906 of Figure 19A, once the 
determination has been made that the device is not in use and that it is not 
under the exclusive control of another user, the user requesting to obtain 
remote exclusive control of the device presents his/her identification 
information. That is, the user utilizes any of various means to input 
identification information, such as presenting a smart card in a smart card 
reader at the user's remote device (computer workstation 2002, laptop 
computer 2003, etc.), swiping a card having a magnetic strip containing 
identification information through a magnetic card reader, inputting his/her 
name and a password or PIN in the web browser, etc. Regardless of the means 
used, once the user inputs his/her identification information, various processes 
are performed in steps SI 907 to S1913 to verify that the user is authorized to 
obtain exclusive control of the device. Steps S1907 to S1913 are the same as 
steps S610 to S616 of Figure 6C and therefore, a description of these steps 
will not be repeated here. Once the user is authenticated and authorized to 
obtain exclusive control, flow proceeds to step S1914 of Figure 19B. Of 
course, if the user is not authenticated or not authorized in steps S1907 to 
SI 91 2, then the user is notified of such in step SI 913. 

Referring now to Figure 19B, after the user is authenticated and 
authorized in steps SI 907 to SI 912, in step S 1914, the user is provided with 
exclusive control of the device's capabilities. That is, the user maybe 
provided with a window representing a control panel of the device in the web 
browser of the user's remote computer, or maybe provided with text 
representing various options for the user to scroll through to perform the 
various operations of the device. In the meantime, the various engines of the 
device (i.e., the printing engine, facsimile engine, scanner engine, and copier 
engine) may all appear busy for requests from other users. As such, only 
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requests submitted to the various engines of the device from the remote user 
who has obtained exclusive control of the device will be accepted. The 
requests from other users may be rejected, or may be temporarily deferred until 
after exclusive control of the device has been relinquished similar to deferral 
of print jobs as described above. 

It should also be noted that, while the present discussion relates 
to a multifunction device, if the user requesting to obtain exclusive control has 
previously submitted print jobs to the multifunction device, preferably by 
including identification information with the print job such as the 
embodiments described above with regard to exclusive control of a printer 
using a smart card, the invention may provide for automatic manipulation of a 
print queue. That is, once the user is authenticated and authorized (steps 
S 1906 to S 191 2, or SI 920 to SI 926) and is provided with exclusive control 
(step S 1914), a determination maybe made whether any print jobs are pending 
in the print queue for the exclusive control user. If so, the print queue may be 
automatically manipulated to move the exclusive control user's print jobs to 
the top of the print queue so that they can be printed out by the exclusive 
control user merely selecting a print option from among the device's 
capabilities. 

Returning to Figure 19B, once the user obtains exclusive 
control, a timer determines whether the user has maintained control for a 
predetermined period of time without performing any operations on the device 
(step SI 91 5). This step provides a way to relinquish exclusive control from 
users who allow the device to remain idle, even though they have obtained 
exclusive control of the device. If the user has allowed the device to remain 
idle for a predetermined period of time, then control is relinquished in step 
SI 91 6 and the device resumes normal operation. In addition, once the user 
voluntarily relinquishes control (step SI 917), then the device resumes normal 
operation (step S1916). 
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Returning now to steps SI 904 and SI 905, where a 
determination is made that either the device is in use (YES in step SI 904) or 
that the device is under exclusive control of another user (YES in step SI 905), 
flow proceeds to step SI 920 of Figure 19C. Generally, the process steps of 
Figure 19C comprise confirming that the user can obtain exclusive control 
(authentication and authorization), adding the user to a reservation queue of 
users requesting to obtain remote exclusive control of the device, and once the 
user reaches the top of the reservation queue listing, providing the user with 
exclusive control of the device. 

Steps S1920 to S1927 are the same as steps S1906 to S1913 
and therefore a detailed description of those steps will not be repeated here. 
Briefly, however, these steps comprise authenticating the user, and 
determining whether the user is authorized to obtain exclusive control of the 
device. Once the user has been authenticated and is determined to be 
authorized to obtain exclusive control (YES in step SI 926), the user is added 
to a reservation queue of users requesting to obtain exclusive control of the 
device (step SI 928). The user is generally added to the last position (bottom 
of the list) in the queue. For example, as seen in Figure 20, if the current user 
attempting to obtain remote exclusive control of the device is referred to as 
User D, then as seen in Figure 20, the user is added to the reservation queue at 
the last position in the queue as Remote User D. However, it is also possible 
that users requesting to obtain exclusive control are inserted in the reservation 
queue at a position in the queue based on the user's priority. For example, as 
seen in Figure 21, before the current user (Remote User D) is added to the 
reservation queue, Remote Users A, B and C, and Local User A are already 
inserted in the queue. However, before Remote User D is added, a priority 
level of Remote User D is determined, and based on the determined priority 
level, Remote User D is inserted at the appropriate location in the queue. That 
is, in a case where Remote User D has a higher level of priority than all of 
Remote Users B and C and Local User A, but a lower priority level than 
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Remote User A, Remote User D is inserted in the reservation queue below 
Remote User A and above Remote Users B and C and Local User A. Whether 
the user is added at the bottom of the list or inserted in the list based on 
priority, such a determination may be made as part of the process represented 
generally as step SI 928. 

After the user is added to the reservation queue, a determination 
is made whether the user has broken their connection with the device (step 

51 929) . In this regard, it is preferable that the user maintain a connection with 
the device in order to promptly obtain remote exclusive control of the device 
once the user has moved to the top of the reservation queue. Of course, it is 
also possible to merely provide the user with a notification when he/she is at 
the top of the reservation queue list, or are approaching the top of the 
reservation queue list, such as by sending the user an email, such that the user 
can then reestablish a connection and obtain remote exclusive control. 
However, in the preferred embodiment, if the user breaks his/her connection 
with the device, then the user is removed from the reservation queue (step 

51930) . 

As long as the user maintains their connection with the device, 
then when a determination is made that the user is at the top of the reservation 
queue listing (YES in step SI 931), the user is notified that remote exclusive 
control has been obtained and the user is removed from the reservation queue 
(step S1932). Flow then proceeds to step S1914 of Figure 19B, the description 
of which is the same as that provided above and which will not be repeated 
here. However, it should be noted that in the above description of steps S1914 
et al., if it is determined in step S1915 that user inactivity has occurred for a 
predetermined amount of time, exclusive control is relinquished and the user 
will have to make another request to obtain exclusive control. As an 
alternative arrangement, once exclusive control is relinquished due to user 
inactivity (step SI 91 6), the user may be added back into the reservation queue, 
either at the last position, or at a position based on the user's priority level. 
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This arrangement provides a way for a user who loses exclusive control due to 
inactivity to re-establish exclusive control without having to make another 
request. 

Thus, as can readily be seen from the foregoing, a user 
5 establishes a remote connection with a device on the network and requests to 

obtain exclusive control of the device. If the device is in use or is under the 
exclusive control of another user, the user is inserted into a reservation queue 
of users requesting to obtain exclusive control of the device. When the user 
reaches the top of the reservation queue, as long as the user maintains a 

1 0 connection with the device, the user is notified that exclusive control has been 

obtained and the user can then perform various operations on the device, 
without being interrupted by another user. However, it may sometimes be 
desirable for some users, who may have a higher priority than another user 
who has exclusive control of a device, to be able to obtain exclusive control of 

1 5 the device from the another user. That is, it may desirable for the higher 

priority user to interrupt an exclusive control session of a lower priority user, 
such as, for example, the president of a company interrupting an exclusive 
control session of a secretary. Such a scenario will now be described with 
reference to Figures 22A to 22D. 

20 Figure 22A is a flowchart of process steps that, briefly, depict 

the process of a user establishing a remote connection with a device over a 
network and requesting to obtain remote exclusive control. The process steps 
depicted in Figure 22 A are practically the same as those described above with 
regard to Figure 19A. As is readily apparent however, one difference between 

25 Figures 19A and 22 A is that, in Figure 19A, when a user selects an option to 

obtain exclusive control (step S1903), a determination is made whether the 
device is in use (step SI 904) or already exclusively controlled by another user 
(step SI 905) before the process steps for user authentication/authorization 
(steps S1906 to S1913 or S1920 to S1927) are performed. In the embodiment 

3 0 of Figure 1 9A, performing steps S 1 904 and S 1 905 before user 
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authentication/authorization is preferred since it is assumed that they are not 
able to interrupt an exclusive control session and are merely added to a 
reservation queue to await their turn. However, in the present embodiment of 
Figure 22A, since it is assumed that the user may be able to interrupt an 
5 exclusive control session, it is preferable to authenticate/authorize the user 

first so as to be able to determine the requesting user's priority (i.e., to be able 
to determine whether the user can interrupt a session). Accordingly, in Figure 
22A, once the user establishes a remote connection with the device (steps 
S2200 to S2202) and selects an option to obtain exclusive control (step 

10 S2203), user authentication/authorization is performed in steps S2204 to 

S221 1 . Steps S2204 to S221 1 are the same as steps S 1906 to S1913 and 
therefore, the description of these steps will not be repeated again here. 

After a successful authentication/authorization process (YES in 
step S2210), the process flows to step S2212 of Figure 22B. In step S2212, a 

1 5 determination is made whether another user already has exclusive control of 

the device. If the device is not already exclusively controlled by another user, 
then the process proceeds to step S2213 of Figure 22C. If the device is already 
exclusively controlled by another user, then the process proceeds to step 
S2223 of Figure 22B. The process where the device is not already under the 

20 exclusive control of another user will be described first (beginning at step 

S2213) and then the latter will be described (step S2223). 

At step S2213 of Figure 22C, since a determination was made 
in step S2212 that the device is not already exclusively controlled by another 
user, exclusive control over the device's functions is granted to the requesting 

25 user. It should be noted that in the present embodiment higher priority users 

requesting exclusive control take precedence over lower priority users 
requesting exclusive control, and any user requesting exclusive control takes 
precedence over any user utilizing the device without requesting or obtaining 
exclusive control. As such, in step S2213, since it was determined that the 

30 device was not already exclusively controlled by another user, the user 
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requesting exclusive control is immediately granted exclusive control and any 
jobs in progress by users who have not requested or obtained exclusive control 
will necessarily be interrupted. Accordingly, it is not necessary to determine 
whether or not the device is in use, such as in step S 1904, since the user will 
5 be granted exclusive control regardless of whether or not the device is in use. 

Of course, an embodiment could be employed in which, rather than 
automatically interrupting a job in progress where the device is not under 
exclusive control of another user, the user requesting exclusive control is 
asked whether or not to interrupt the job. However, the process depicted in the 

10 steps described above is preferred. 

Having obtained exclusive control in step S2213, steps S2214 
to S2216, which are the same as steps S1915toS1917, are performed. As 
such, once exclusive control is relinquished (step S2215), the device resumes 
normal operation and any jobs that may have been interrupted are resumed. 

15 Returning now to step S2212, if a determination is made that 

the device is already under exclusive control of another user, then in step 
S2223 a determination is made, based on the requesting user's identification 
information, whether the requesting user (hereinafter referred to as the 
"Priority User") has the privilege to interrupt another exclusive control 

20 session. That is, a determination is made whether the priority user has a higher 

level of priority than the user who already has exclusive control of the device. 
If the priority user does not have the privilege to interrupt another exclusive 
control session, then the process continues at step S2218 of Figure 22D. If 
however, the priority user does have a higher level of priority than the user 

25 who already has exclusive control of the device, then the priority user may be 

requested to confirm whether or not he/she wants to interrupt the exclusive 
control session (step S2224). Of course, an embodiment could be employed in 
which the priority user is automatically given exclusive control and the lower 
priority user's exclusive control session is automatically interrupted, without 

30 asking the priority user to confirm the interruption. However, the present 
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embodiment preferably provides an option for the priority user to confirm that 
he/she wants to interrupt the exclusive control session of the lower priority 
user. This may comprise providing the priority user with the name or identity 
of the user who already has exclusive control, as well as other information 
5 about the current exclusive control session. For instance, the priority user may 

be informed of the current user's name and may be informed that they are in 
the process of transmitting page 5 of a 10 page facsimile and ask the priority 
user to confirm whether the exclusive control session should be allowed to 
continue or should be interrupted. If the priority user opts not to interrupt the 

10 current user's exclusive control session (NO in step S2224), or as stated 

above, if the user does not have the privilege to interrupt another user's 
exclusive control session, then the process proceeds to step S2218 of Figure 
22D. If the user does have the privilege to interrupt another user's exclusive 
control session (YES in step S2223) and does want to interrupt the current 

1 5 exclusive control session (YES in step S2224), then the process proceeds to 

step S2225 of Figure 22B. 

In the former case, in step S2218 the priority user is added to a 
reservation queue of users requesting to obtain exclusive control. This process 
and the process in the steps that follow step S221 8 is the same as that 

20 described above with regard to steps S 1 928 to S 1 932 of Figure 1 9C and steps 

S 1914 to SI 917 of Figure 19B. Accordingly, a description of the steps 
following step S2218 will not be repeated here. However, it should be noted 
that, although the priority user may not have the privilege to interrupt the 
exclusive control session of another user (NO in step S2223), he/she still may 

25 have a higher priority than other users who may already be in the reservation 

queue. As such, as described above, the priority user may be inserted in the 
reservation queue at a position higher than all, or at least some, of the other 
users in the reservation queue based on his/her priority level. 

In the latter case where the process proceeds to step S2225, the 

30 current user's exclusive control session is interrupted and the priority user is 



provided with exclusive control. This process is performed by the priority 
user being added to the reservation queue at the top of the queue and the 
current user being added to the reservation queue at the position immediately 
following the priority user (step S2225). Figures 23A and 23B depict 
5 examples of the reservation queue with Figure 23 A showing the priority user 

being added at the top of the queue listing and Figure 23B showing the current 
(interrupted) user being added at the position immediately following the 
priority user. Then, in step S2226, the current user's exclusive control session 
is relinquished and the priority user is provided with exclusive control. Once 

1 0 the priority user is provided with exclusive control, the priority user is 

removed from the reservation queue, such as that shown in Figure 23 C. 

Once the priority user obtains exclusive control, if the priority 
user's exclusive control session is inactive for a predetermined period of time 
(YES in step S2227), or after the priority user voluntarily relinquishes 

15 exclusive control (YES in step S2229), then exclusive control is returned to 

the current (interrupted) user and the current (interrupted) user is removed 
from the reservation queue (step S2228), such as that shown in Figure 23D. 
The current user's exclusive control session being restored, steps S2213 to 
S2216 are the same as those described above. 

20 As can readily be seen from the foregoing, a user requesting to 

obtain exclusive control that has a higher priority than another user who 
already has exclusive control of a device, may obtain exclusive control of the 
device from the other (lower priority) user, with exclusive control of the 
device being returned to the other (interrupted) user once the priority user's 

25 exclusive control session is relinquished. 

The invention has been described with particular illustrative 
embodiments. It is to be understood that the invention is not limited to the 
above-described embodiments and that various changes and modifications 
may be made by those of ordinary skill in the art without departing from the 

30 spirit and scope of the invention. 



